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AMENDMENTS TO THE CLAIMS 
The listing of claims will replace all prior versions, and listings of claims in the 
application: 

LISTING OF CLAIMS 
1. (Original): A method of operating a computer system, said method comprising: 

providing a program in memory, the program including at least one program unit, each 

program unit comprising an Application Programming Interface (API) definition file and 
an implementation, each API definition file defining items in its associated program unit 
that are made accessible to one or more other program units, each implementation 
including executable code corresponding to said API definition file, said executable 
code including type specific instructions and data; and 

performing a first verification including verifying said program prior to an installation of said 
program, said first verification including 

indicating a verification error when a first program unit implementation is not internally 
consistent; 

indicating a verification error when said first program unit implementation is inconsistent 
with a first program unit API definition file associated with said first program unit 
implementation; and 

generating a program fault signal when a verification error is indicated. 

28. (New) A method of operating a computer system, said method comprising: 

providing a program in memory, the program comprising at least one program unit, each 
program unit comprising an Application Programming Interface (API) definition file 
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and an implementation, each API definition file defining items in its associated program 
unit that are made accessible to one or more other program units, each implementation 
comprising executable code corresponding to said API definition file said executable 
code comprising type specific instructions and data; and 
performing a first verification prior to an installation of said program, comprising: 

indicating a verification error when a first program unit implementation is not internally 
consistent; and 

indicating a verification error when said first program unit implementation is 

inconsistent with a first program unit API definition file associated with said first 
program unit implementation. 

29. (New) The method of claim 28, further comprising: 

enabling execution of said program after said first verification if no verification error is 
indicated; and 

preventing the execution of said program after said first verification if a verification error is 
indicated. 

30. (New) The method of claim 29, further comprising performing a second verification 
comprising verifying a second program unit that references said first program unit and 
makes no items available for one or more other program units, said second verification 
comprising: 

indicating a verification error when the second program unit implementation is not internally 
consistent; and 
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indicating a verification error when said second program unit implementation is inconsistent 
with said first program unit API definition file. 

31. (New) The method of claim 30 wherein: 

said first program unit comprises at least one additional implementation; and 
said second verification comprises determining whether said at least one additional 
implementation is consistent with said first program unit API definition file. 

32. (New) The method of claim 29, further comprising performing a second verification 
comprising verifying a second program unit that references said first program unit, said 
second verification comprising: 

indicating a verification error when the second program unit implementation is not internally 
consistent; 

indicating a verification error when said second program unit implementation is inconsistent 

with the second program unit API definition file; and 
indicating a verification error when said second program unit implementation is inconsistent 

with said first program unit API definition file. 

33. (New) A method of operating a computer system, said method comprising: 
providing a program in memory, the program comprising at least one program unit, each 

program unit comprising an Application Programming Interface (API) definition file 
and an implementation, each API definition file defining items in its associated program 
unit that are made accessible to one or more other program units, each implementation 
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comprising executable code corresponding to said API definition file, said executable 
code comprising type specific instructions and data; and 
performing a first verification prior to execution of said program, comprising: 

indicating a verification error when a program unit implementation is not internally 
consistent; 

indicating a verification error when a program unit implementation is inconsistent with 

its API definition file; and 
indicating a verification error when a program unit implementation is inconsistent with 

the API definition file of a program unit referenced by said program unit. 

34. (New) The method of claim 33, further comprising performing a second verification 
comprising verifying said program after at least one program unit has been verified at least 
once, said second verification comprising: 

indicating a verification error when a program unit implementation is not internally 
consistent; 

indicating a verification error when a program unit implementation is inconsistent with its 

API definition file; and 
indicating a verification error when a program unit implementation is inconsistent with the 

API definition file of each program unit referenced by said program unit. 

35. (New) A program storage device readable by a machine, embodying a program of 
instructions executable by the machine to perform a method for program verification, said 
method comprising: 
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providing a program in memory, the program comprising at least one program unit, each 
program unit comprising an Application Programming Interface (API) definition file 
and an implementation, each API definition file defining items in its associated program 
unit that are made accessible to one or more other program units, each implementation 
comprising executable. code corresponding to said API definition file, said executable 
code comprising type specific instructions and data; and 

performing a first verification prior to an installation of said program, comprising: 

indicating a verification error when a first program unit implementation is not internally 
consistent; 

indicating a verification error when said first program unit implementation is 

inconsistent with a first program unit API definition file associated with said first 
program unit implementation. 

36. (New) The program storage device of claim 35, said method further comprising: 
enabling execution of said program after said first verification if no verification error is 

indicated; and 

preventing the execution of said program after said first verification if a verification error is 
indicated. 

37. (New) The program storage device of claim 36, said method further comprising performing 
a second verification comprising verifying a second program unit that references said first 
program unit and makes no items available for one or more other program units, said second 
verification comprising: 



8 



SV #152733 vl 



SUN-P4172CNT 
(811173-000431) 

indicating a verification error when the second program unit implementation is not internally 
consistent; and 

indicating a verification error when said second program unit implementation is inconsistent 
with said first program unit API definition file. 

38. (New) The program storage device of claim 37 wherein: 

said first program unit comprises at least one additional implementation; and 
said second verification comprises determining whether said at least one additional 
implementation is consistent with said first program unit API definition file. 

39. (New) The program storage device of claim 36, said method further comprising performing 
a second verification comprising verifying a second program unit that references said first 
program unit, said second verification comprising: 

indicating a verification error when the second program unit implementation is not internally 
consistent; 

indicating a verification error when said second program unit implementation is inconsistent 

with the second program unit API definition file; and 
indicating a verification error when said second program unit implementation is inconsistent 

with said first program unit API definition file. 

40. (New) A program storage device readable by a machine, embodying a program of 
instructions executable by the machine to perform a method for program verification, the 
method comprising: 
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providing a program in memory, the program comprising at least one program unit, each 
program unit comprising an Application Programming Interface (API) definition file 
and an implementation, each API definition file defining items in its associated program 
unit that are made accessible to one or more other program units, each implementation 
comprising executable code corresponding to said API definition file, said executable 
code comprising type specific instructions and data; and 

performing a first verification prior to execution of said program, comprising: 

indicating a verification error when a program unit implementation is not internally 
consistent; 

indicating a verification error when a program unit implementation is inconsistent with 

its API definition file; and 
indicating a verification error when a program unit implementation is inconsistent with 

the API definition file of a program unit referenced by said program unit. 

41. (New) The program storage device of claim 40, said method further comprising performing 
a second verification comprising verifying said program after at least one program unit has 
been verified at least once, said second verification comprising: 
indicating a verification error when a program unit implementation is not internally 
consistent; 

indicating a verification error when a program unit implementation is inconsistent with its 

API definition file; and 
indicating a verification error when a program unit implementation is inconsistent with the 

API definition file of each program unit referenced by said program unit. 
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42. (New) A system for executing a software application, the system comprising: 

a computing system that generates executable code, comprising means for providing a 
program in memory, the program comprising at least one program unit, each program 
unit comprising an Application Programming Interface (API) definition file and an 
implementation, each API definition file defining items in its associated program unit 
that are made accessible to one or more other program units, each implementation 
comprising executable code corresponding to said API definition file, said executable 
code comprising type specific instructions and data; and 

means for performing a first verification prior to an installation of said program, comprising: 
means for indicating a verification error when a first program unit implementation is not 
internally consistent; 

means for indicating a verification error when said first program unit implementation is 
inconsistent with a first program unit API definition file associated with said first 
program unit implementation. 

43. (New) The computing system of claim 42, further comprising: 

means for enabling execution of said program after said first verification if no verification 

error is indicated; and 
means for preventing the execution of said program after said first verification if a 

verification error is indicated. 

44. (New) The computing system of claim 43, further comprising: 
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means for performing a second verification comprising verifying a second program unit that 

references said first program unit and makes no items available for one or more other 

program units, said second verification comprising 
means for indicating a verification error when the second program unit implementation is 

not internally consistent; and 
means for indicating a verification error when said second program unit implementation is 

inconsistent with said first program unit API definition file. 

45. (New) The computing system of claim 44 wherein: 

said first program unit comprises at least one additional implementation; and 

said means for performing a second verification comprises a means for determining whether 

said at least one additional implementation is consistent with said first program unit API 

definition file. 

46. (New) The computing system of claim 43, further comprising means for performing a 
second verification comprising verifying a second program unit that references said first 
program unit, said means for performing said second verification comprising: 

means for indicating a verification error when the second program unit implementation is 

not internally consistent; 
means for indicating a verification error when said second program unit implementation is 

inconsistent with the second program unit API definition file; and 
means for indicating a verification error when said second program unit implementation is 

inconsistent with said first program unit API definition file. 
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47. (New) A system for executing a software application, the system comprising: 

a computing system that generates executable code, comprising means for providing a 
program in memory, the program comprising at least one program unit, each program 
unit comprising an Application Programming Interface (API) definition file and an 
implementation, each API definition file defining items in its associated program unit 
that are made accessible to one or more other program units, each implementation 
comprising executable code corresponding to said API definition file, said executable 
code comprising type specific instructions and data; and 
means for performing a first verification prior to execution of said program, comprising: 
means for indicating a verification error when a program unit implementation is not 

internally consistent; 
means for indicating a verification error when a program unit implementation is 

inconsistent with its API definition file; and 
means for indicating a verification error when a program unit implementation is 

inconsistent with the API definition file of each program unit referenced by said 

program unit. 

48. (New) The system of claim 47, further comprising means for performing a second 
verification comprising verifying said program after at least one program unit has been 
verified at least once, said means for performing said second verification comprising: 
means for indicating a verification error when a program unit implementation is not 

internally consistent; 
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means for indicating a verification error when a program unit implementation is inconsistent 

with its API definition file; and 
means for indicating a verification error when a program unit implementation is inconsistent 

with the API definition file of each program unit referenced by said program unit. 

49. (New) A resource-constrained device, comprising: 

memory for providing a remotely verified application software program comprising at least 
one program unit, each program unit comprising an implementation comprising type 
specific instructions and data, said remote verification utilizing an Application 
Programming Interface (API) definition file for each said implementation, each said 
API definition file defining items in its associated program unit that are made accessible 
to one or more other program units, said remote verification comprising indicating a 
verification error when a first program unit implementation is not internally consistent 
and indicating a verification error when said first program unit implementation is 
inconsistent with a first program unit API definition file associated with said first 
program unit implementation; and 

a virtual machine that is capable of executing instructions of said application software 
program. 

50. (New) The resource-constrained device of claim 49 wherein said resource-constrained 
device comprises a smart card. 
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51. (New) The resource-constrained device of claim 50 wherein said virtual machine is Java 
Card™-compliant. 

52. (New) A resource-constrained device, comprising 

memory for providing a remotely verified application software program comprising at least 
one program unit, each program unit comprising an implementation comprising type 
specific instructions and data, said remote verification utilizing an Application 
Programming Interface (API) definition file for each said implementation, each said 
API definition file defining items in its associated program unit that are made accessible 
to one or more other program units, said remote verification comprising indicating a 
verification error when a first program unit implementation is not internally consistent, 
indicating a verification error when said first program unit implementation is 
inconsistent with a first program unit API definition file associated with said first 
program unit implementation and indicating a verification error when said first program 
unit is inconsistent with the API definition file of each program unit referenced by said 
first program unit; and 

a virtual machine that is capable of executing instructions of said application software 
program. 

53. (New) The resource-constrained device of claim 52 wherein said resource-constrained 
device comprises a smart card. 
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54. (New) The resource-constrained device of claim 53 wherein said virtual machine is Java 
Card™-compliant. 
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